Skip to content

BCDA-9400: Add tagging for lifecycle management#1208

Merged
bhagatparwinder merged 2 commits intomainfrom
parwinder/BCDA-9400-add-lifecycle-mgmt-to-s3
Sep 12, 2025
Merged

BCDA-9400: Add tagging for lifecycle management#1208
bhagatparwinder merged 2 commits intomainfrom
parwinder/BCDA-9400-add-lifecycle-mgmt-to-s3

Conversation

@bhagatparwinder
Copy link
Contributor

@bhagatparwinder bhagatparwinder commented Sep 12, 2025

🎫 Ticket

https://jira.cms.gov/browse/BCDA-9400

🛠 Changes

  • Updated the workflow to add the lifecycle-transition:ia tag when uploading the Lambda deployment package.
  • Every time the workflow uploads a new Lambda deployment package, it will automatically tag the object with lifecycle-transition=ia
  • The S3 lifecycle rule in the CDAP repo will now apply to these tagged objects
  • When a new deployment happens and the previous version becomes "noncurrent", it will automatically transition to Standard-IA storage after 3 days

ℹ️ Context

We were not using lifecycle transitions on our buckets, and a Security Hub control failed. Remediating it by adding a basic lifecycle transition.

The workflow has been updated to include the --tagging "lifecycle-transition=ia" parameter in the S3 upload command.

🧪 Validation

Using the AWS console when the Lambda is deployed into lower environments.

@bhagatparwinder bhagatparwinder requested a review from a team as a code owner September 12, 2025 17:47
@bhagatparwinder bhagatparwinder changed the title + tagging for lifecycle mgmt on one lambda BCDA-9400: Add tagging for lifecycle management Sep 12, 2025
@laurenkrugen-navapbc
Copy link
Contributor

laurenkrugen-navapbc commented Sep 12, 2025

was this the only lambda that required this updated? or do the others need it too?

@bhagatparwinder
Copy link
Contributor Author

bhagatparwinder commented Sep 12, 2025

was this the only lambda that required this updated? or do the others need it too?

I want to test this out with one lambda bucket first. Once verified, I will make the same change for all in another PR.

@bhagatparwinder bhagatparwinder merged commit 7c13f85 into main Sep 12, 2025
8 checks passed
@bhagatparwinder bhagatparwinder deleted the parwinder/BCDA-9400-add-lifecycle-mgmt-to-s3 branch September 12, 2025 21:03
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@laurenkrugen-navapbc laurenkrugen-navapbc laurenkrugen-navapbc approved these changes

@jscott-nava jscott-nava jscott-nava approved these changes

@juliareynolds-nava juliareynolds-nava Awaiting requested review from juliareynolds-nava

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@bhagatparwinder @laurenkrugen-navapbc @jscott-nava